Overview Recently, NSFOCUS CERT detected that Gogs issued a security bulletin and fixed the Gogs remote command execution vulnerability (CVE-2024-56731); Due to the incomplete CVE-2024-39931 fix, an authenticated attacker can delete files in the .git directory through symbolic links and execute arbitrary commands on the Gogs instance using the account permissions specified by RUN_USER in […]
